exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Rich Whitcroft

MS15-034 HTTP Protocol Stack Request Handling HTTP.SYS Memory Information Disclosure

Posted Sep 1, 2024

Authored by sinn3r, Rich Whitcroft, Sunny Neo | Site metasploit.com

This Metasploit module dumps memory contents using a crafted Range header and affects only Windows 8.1, Server 2012, and Server 2012R2. Note that if the target is running in VMware Workstation, this module has a high likelihood of resulting in BSOD; however, VMware ESX and non-virtualized hosts seem stable. Using a larger target file should result in more memory being dumped, and SSL seems to produce more data as well.

tags | exploit

systems | windows

advisories | CVE-2015-1635

SHA-256 | 4a0a7232721b04275d17b16891f2475537a84cfaad2597bb4398fc1c09c5c025

Download | Favorite | View

Microsoft IIS WebDav ScStoragePathFromUrl Overflow

Posted May 11, 2017

Authored by Dominic Chell, FireFart, Zhiniang Peng, Chen Wu, zcgonvh, Rich Whitcroft | Site metasploit.com

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with "If: <http://" in a PROPFIND request, as exploited in the wild in July or August 2016. Original exploit by Zhiniang Peng and Chen Wu.

tags | exploit, remote, web, overflow, arbitrary

systems | windows

advisories | CVE-2017-7269

SHA-256 | dd14beacc3e87b7064dc160534d469a79690ec06c3cb5fdddd8acbce04733db8

Download | Favorite | View